Lapsus$ claims Ubisoft as its latest victim. Telecom Fiji breach claims apparently a hoax. Unusual text lure.

Summary

By the CyberWire staff

At a glance.

Lapsus$ claims Ubisoft as its latest victim.
Telecom Fiji breach claims apparently a hoax.
Unusual text lure.

Lapsus$ claims Ubisoft as their latest victim.

The Lapsus$ threat group has been busy lately, and they want everyone to know it. French video game maker Ubisoft has disclosed that it experienced a cyber incident last week, and the Verge reports that Lapsus$ has taken credit, boldly responding to a tweet about the incident with a smirky face emoji. Ubisoft says that after a brief disruption to some of their games, systems, and services, everything is now back to normal, and more importantly, it does not appear that any personal player data were compromised. Still, the company pushed through a company-wide password reset as a precaution. Graham Cluley points out that a statement released by the company gives little information about the nature of the incident, and that this is just the most recent in a surge of high-profile attacks from Lapsus$. Gaming hardware company Nvidia was hacked by the threat group earlier this month, and the cybergang recently stole company data and Galaxy source code from electronics giant Samsung.

Fiji telecom company says no cyberattack in paradise.

After rumors appeared on social media that Telecom Fiji Limited was hit with a data breach, the Fiji Sun reports that the company has declared that the claims are untrue. The apparently false claims stated that Telecom Fiji’s servers were hacked and that the intruders had stolen customer and company data. The company’s Chief Executive Officer, Charles Goundar, stated “We would like to reassure all customers that no such breach of data and privacy occurred. All our systems, services, applications, IT and other network infrastructure is fully operational and functional and all information pertaining to physical and service details of our customers remains intact.”

Texting scam isn’t a sex trafficking lure (but it is a scam).

A viral Facebook post claims that a spammy text message being sent from an unknown number to individuals all over the US is actually a lure for a sex trafficking operation. The text in question features a picture of a young woman and a seemingly innocent “oops, wrong number” message, but responding in any way could put the recipient at risk. Ron Pierce, President of cybersecurity company Trinity Solutions, Inc., told 11Alive.com, "They're really hoping that you're going to start a conversation with them. That does two things for them. One, it validates your phone number, so they can sell that number to advertisers and make money off of that. The second thing they can get off of it is if they get the conversation going far enough, they can get personal information off of you.” Recipients are being warned not to reply.

Selected Reading

No Breach Of Customer Data Or Privacy. (Fiji Sun) Misinformation has been circulating on social media that Telecom was subject to a cyberattack where servers were hacked and hackers collected a broad range of customer and company information. ...

Are these wrong-number texts related to sex trafficking? Experts say, don't respond. (11Alive.com) A viral online post claims that if you respond to these text messages, people will be able to track you and eventually lure you into sex trafficking. Is it true?

LockBit ransomware group claims to have hacked Bridgestone Americas (Security Affairs) LockBit ransomware gang claimed to have hacked Bridgestone Americas, one of the largest manufacturers of tires. LockBit ransomware gang claimed to have compromised the network of Bridgestone Americas, one of the largest manufacturers of tires, and stolen data from the company. The Bridgestone Americas family of enterprises includes more than 50 production facilities and 55,000 […]

Ubisoft suffered a cyber security incident that caused a temporary disruption (Security Affairs) Video game company Ubisoft has suffered a ‘cyber security incident’ that had a severe impact on games, systems, and services. The rumors of a cyber attack against Ubisoft circulated online in the last few days, while data extortion group LAPSUS$ claimed to have hacked the company. Over the last few days, multiple users reported problems accessing […]